3.4.1.REST API Security - Introduction

Application security
- An attack can occur on almost any of these points
- The attacker can attack the application and manipulate the data or steal the identity
- The attacker can look at the abilities understand the abilities of the gateway and that will connect to the backend system
- The attacker can bleach the firewall and go directly to the server
- Bottom line is: think about security at every touch point in the API, not just API implementation
Mobile application concern
Data security
- Always use TLS/ HTTPS for REST API
API security
- Authentication
- Authorization
- Functional attacks

Previous3.4.REST API Security Next3.4.2.Securing API with Basic Authentication

Last updated 5 years ago

Was this helpful?